Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/kDArqXOEBrMUjMcf682U7_MBjec.roa
File:                     kDArqXOEBrMUjMcf682U7_MBjec.roa (raw, json)
Hash identifier:          Z+fCZTfKNZ+qeaACkLMx50frTesYSBDLq/g8UE9jaWU=
Subject key identifier:   90:30:2B:A9:73:84:06:B3:14:8C:C7:1F:EB:CD:94:EF:F3:01:8D:E7
Certificate issuer:       /CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Certificate serial:       0F42F3D9
Authority key identifier: 95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/kDArqXOEBrMUjMcf682U7_MBjec.roa
Signing time:             Sat 01 Jan 2022 12:04:46 +0000
ROA not before:           Sat 01 Jan 2022 12:04:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202077
IP address blocks:        185.68.136.0/22 maxlen: 24
                          2a03:2b20::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 256046041 (0xf42f3d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95571d88b53965a7d081f3b1d8289cbc28775b88
        Validity
            Not Before: Jan  1 12:04:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=90302ba9738406b3148cc71febcd94eff3018de7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:15:64:cc:72:67:a7:50:ff:67:cf:c1:be:cc:
                    11:17:75:7e:a2:d3:74:59:a2:75:2f:72:3e:88:81:
                    57:1e:34:31:9d:72:16:8a:fc:12:73:cf:da:7e:44:
                    46:dd:5a:d8:0c:ea:31:f2:c6:86:84:bd:a5:5a:6d:
                    e6:d4:fa:39:50:7b:da:83:26:07:59:0b:e3:8a:e4:
                    57:71:dd:de:71:72:88:a5:52:bc:a2:cd:ba:2c:9f:
                    3d:c3:7d:84:84:92:19:04:8b:89:8f:2a:a3:8c:0c:
                    72:34:17:5d:f0:14:47:ce:cf:ea:76:8b:7e:69:b7:
                    3a:77:ec:8c:37:7a:0b:38:fb:39:e7:cf:cb:ba:4a:
                    d4:19:b1:01:c2:0c:9f:60:6b:34:02:89:22:f3:75:
                    40:33:71:ec:80:6e:dd:95:9d:30:bb:fa:ca:94:3a:
                    8a:22:34:d5:ec:04:dd:1e:16:bb:a2:b1:3f:bb:ce:
                    44:7d:5a:dd:d7:79:bb:1f:30:40:d7:b6:29:3c:8e:
                    bd:f3:e0:77:35:25:6e:fa:f2:5c:6e:58:b8:c2:32:
                    47:db:8b:71:ae:f8:2d:b5:6b:bc:6e:7c:0e:1b:df:
                    be:39:30:85:aa:64:93:42:d9:3f:53:ad:21:99:4b:
                    8e:50:53:8f:21:a7:b9:4c:d4:a3:5a:7c:c7:87:6e:
                    92:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:30:2B:A9:73:84:06:B3:14:8C:C7:1F:EB:CD:94:EF:F3:01:8D:E7
            X509v3 Authority Key Identifier:
                keyid:95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/kDArqXOEBrMUjMcf682U7_MBjec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.68.136.0/22
                IPv6:
                  2a03:2b20::/32

    Signature Algorithm: sha256WithRSAEncryption
         0f:7c:29:22:bb:4a:51:3f:a3:8c:02:43:5f:4f:a4:02:b9:a9:
         ce:1a:12:c3:29:01:ab:f6:8a:92:1d:67:ba:10:be:40:4f:32:
         73:a8:97:b0:20:ef:7c:10:21:ca:61:ba:81:8e:b8:55:0b:34:
         b0:54:af:2a:3a:c9:00:1d:3c:25:96:ca:d8:47:49:1e:fa:4d:
         6d:15:92:fa:92:b1:99:29:d1:5f:a6:eb:63:94:92:63:29:b8:
         cf:f5:36:10:0a:15:f3:07:94:34:16:9c:23:3a:24:5e:0e:80:
         a1:80:c7:ee:45:aa:f1:cf:93:ca:04:de:c9:25:4d:89:78:68:
         31:81:e3:e4:a5:60:31:7a:a8:3c:c6:c7:82:67:ed:99:d7:c6:
         c6:5f:a8:69:a0:f4:4c:f7:a3:d3:48:b9:aa:ed:78:f8:d3:38:
         fb:b0:57:b0:b7:9b:3a:e8:a1:52:f9:cb:02:15:3d:01:86:34:
         b6:d5:5a:71:11:47:25:b4:7c:c6:12:e0:06:c7:7c:eb:8a:ee:
         e1:76:70:c4:aa:c1:e6:2a:9b:65:12:1e:32:b9:04:f4:b4:1e:
         a5:4c:43:dd:0c:2d:86:b1:fb:66:2a:65:58:a3:12:25:7c:83:
         40:69:88:8b:55:7c:08:7e:da:82:ba:fc:ba:6d:30:de:e1:77:
         0b:74:ee:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIED0Lz2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTU3MWQ4OGI1Mzk2NWE3ZDA4MWYzYjFkODI4OWNiYzI4Nzc1Yjg4MB4XDTIyMDEw
MTEyMDQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAzMDJiYTk3Mzg0
MDZiMzE0OGNjNzFmZWJjZDk0ZWZmMzAxOGRlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsVZMxyZ6dQ/2fPwb7MERd1fqLTdFmidS9yPoiBVx40MZ1y
For8EnPP2n5ERt1a2AzqMfLGhoS9pVpt5tT6OVB72oMmB1kL44rkV3Hd3nFyiKVS
vKLNuiyfPcN9hISSGQSLiY8qo4wMcjQXXfAUR87P6naLfmm3OnfsjDd6Czj7OefP
y7pK1BmxAcIMn2BrNAKJIvN1QDNx7IBu3ZWdMLv6ypQ6iiI01ewE3R4Wu6KxP7vO
RH1a3dd5ux8wQNe2KTyOvfPgdzUlbvryXG5YuMIyR9uLca74LbVrvG58Dhvfvjkw
hapkk0LZP1OtIZlLjlBTjyGnuUzUo1p8x4dukucCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSQMCupc4QGsxSMxx/rzZTv8wGN5zAfBgNVHSMEGDAWgBSVVx2ItTllp9CB
87HYKJy8KHdbiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xWY2RpTFU1WmFmUWdmT3gyQ2ljdkNoM1c0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvYjNmOTkzLWQwM2ItNGIxMy04MWFmLWFhNjIyOTY5ODQ2MS8x
L2tEQXJxWE9FQnJNVWpNY2Y2ODJVN19NQmplYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
YjNmOTkzLWQwM2ItNGIxMy04MWFmLWFhNjIyOTY5ODQ2MS8xL2xWY2RpTFU1WmFm
UWdmT3gyQ2ljdkNoM1c0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlEiDANBAIAAjAHAwUAKgMrIDAN
BgkqhkiG9w0BAQsFAAOCAQEAD3wpIrtKUT+jjAJDX0+kArmpzhoSwykBq/aKkh1n
uhC+QE8yc6iXsCDvfBAhymG6gY64VQs0sFSvKjrJAB08JZbK2EdJHvpNbRWS+pKx
mSnRX6brY5SSYym4z/U2EAoV8weUNBacIzokXg6AoYDH7kWq8c+TygTeySVNiXho
MYHj5KVgMXqoPMbHgmftmdfGxl+oaaD0TPej00i5qu14+NM4+7BXsLebOuihUvnL
AhU9AYY0ttVacRFHJbR8xhLgBsd864ru4XZwxKrB5iqbZRIeMrkE9LQepUxD3Qwt
hrH7ZiplWKMSJXyDQGmIi1V8CH7agrr8um0w3uF3C3TuZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:21 2024 by rpki-client on console-ams.rpki-client.org